Currently, the plugin just uses static aws_access_key and aws_secret_key credential or keys provided by Ec2 AIM role. It might be useful to support credential provided by AWS STS which gives the ability to assume different roles.
An use-case is when you want to put metrics to Cloudwatch in another AWS account. So, you should create a role with proper policies and then use aws sts to assume the role in order to get temporary keys.
Agree. Another use-case is usage on embedded devices that leverage AWS IoT Core to log all system stdout and stderr pipes before the aws iot client kicks in.
awslabs/amazon-cloudwatch-publisher#2
Currently, the plugin just uses static
aws_access_key
andaws_secret_key
credential or keys provided by Ec2 AIM role. It might be useful to support credential provided by AWS STS which gives the ability to assume different roles. An use-case is when you want to put metrics to Cloudwatch in another AWS account. So, you should create a role with proper policies and then useaws sts
to assume the role in order to get temporary keys.